Home > mailing lists

Re: Providing catalog view to pg_hba.conf file - Patch submission - Mailing list pgsql-hackers

From	Tomas Vondra
Subject	Re: Providing catalog view to pg_hba.conf file - Patch submission
Date	February 27, 2015 20:49:07
Msg-id	54F0ADEE.6070004@2ndquadrant.com Whole thread Raw
In response to	Re: Providing catalog view to pg_hba.conf file - Patch submission (Stephen Frost <sfrost@snowman.net>)
Responses	Re: Providing catalog view to pg_hba.conf file - Patch submission (Magnus Hagander <magnus@hagander.net>) Re: Providing catalog view to pg_hba.conf file - Patch submission (Stephen Frost <sfrost@snowman.net>)
List	pgsql-hackers

Tree view

On 27.2.2015 17:59, Stephen Frost wrote:
> All,
> 
> * Tomas Vondra (tomas.vondra@2ndquadrant.com) wrote:
>>
>> The other feature that'd be cool to have is a debugging function
>> on top of the view, i.e. a function pg_hba_check(host, ip, db,
>> user, pwd) showing which hba rule matched. But that's certainly 
>> nontrivial.
> 
> I'm not sure that I see why, offhand, it'd be much more than trivial
> ...

From time to time I have to debug why are connection attempts failing,
and with moderately-sized pg_hba.conf files (e.g. on database servers
shared by multiple applications) that may be tricky. Identifying the
rule that matched (and rejected) the connection would be helpful.

But yes, that's non-trivial and out of scope of this patch.

-- 
Tomas Vondra                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-hackers by date:

From: David Fetter
Date: 27 February 2015, 20:41:33
Subject: Re: Bug in pg_dump

From: Alvaro Herrera
Date: 27 February 2015, 20:50:59
Subject: Re: POLA violation with \c service=

Re: Providing catalog view to pg_hba.conf file - Patch submission - Mailing list pgsql-hackers

Previous

Next